General

  • Target

    2412-291-0x0000000000E20000-0x0000000000E5E000-memory.dmp

  • Size

    248KB

  • MD5

    c3fbbbbb463b54e5ce26fafb4c535619

  • SHA1

    31b9db0599950173b4ff006e1a7f7aaa77c9f543

  • SHA256

    d0e763d6596f602770a2fab6e1cf4407723fe0484d5132db564babc91bf6114a

  • SHA512

    f6d22a799467f695e88957284f508c3671d68ae7a34a3a1ef4911e0515c11169d0f5f8d091fd845dedb30989fd373919c9f582c8786fd4c6e51b58e45cbe1ad7

  • SSDEEP

    6144:1grADDNgc6jYb9PXl3/f8FuAqSkiLWD+a+:SrEDNgc6jM2LO+a+

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

tests2

C2

185.216.70.238:37515

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2412-291-0x0000000000E20000-0x0000000000E5E000-memory.dmp
    .exe windows:4 windows x86

